CVE-2024-6245

Default Credentials in ssh service for SmartPlay in Maruti Suzuki

CVSS 7.4 HIGHEPSS 0.2%CWE-1392

Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords.The issue was detected on a 2022 Maruti Suzuki Brezza in India Market. This issue affects SmartPlay: 66T0.05.50.

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected products

Faurecia Clarion Electronics Co., Ltd. · SmartPlay

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.global-infotainment-system.com/en/top.html https://www.marutisuzuki.com/corporate/technology/smartplay-systems